CVE-2005-0525

NameCVE-2005-0525
DescriptionThe php_next_marker function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service (infinite loop) via a JPEG image with an invalid marker value, which causes a negative length value to be passed to php_stream_seek.
SourceCVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
ReferencesDSA-708-1, DSA-729-1
NVD severitymedium (attack range: remote)
Debian Bugs302701
Debian/oldstablenot known to be vulnerable.
Debian/stablenot known to be vulnerable.
Debian/testingnot known to be vulnerable.
Debian/unstablenot known to be vulnerable.

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
php3source(unstable)3:3.0.18-31medium
php3sourcewoody3:3.0.18-23.1woody3mediumDSA-708-1302701
php4source(unstable)4:4.3.10-10medium
php4sourcewoody4:4.1.2-7.woody4mediumDSA-729-1

Search for package or bug name: Reporting problems